CVE-2003-0174

Published: May 12, 2003Modified: Apr 16, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

Affected (1)

Products: Sgi: Irix

Sgi

1 product

Irix

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sgi Irix	Up to 6.5.19

Related CWEs

CWE-346

Origin Validation Error

The product does not properly verify that the source of data or communication is valid.

References (8)

ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P (unsafe URL)

Source: cve@mitre.org

Broken LinkPatchVendor Advisory

http://www.ciac.org/ciac/bulletins/n-084.shtml

Source: cve@mitre.org

Broken Link

http://www.securityfocus.com/bid/7442

Source: cve@mitre.org

Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/11860

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchVendor Advisory

http://www.ciac.org/ciac/bulletins/n-084.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securityfocus.com/bid/7442

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/11860

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.